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3ACTOCYBAHHA JIOTIKM TWPEXMKATIB JIA BUABJIEHHA 
BIJMOB Y SCADA CHCTEMAX 


We consider the task of failure detection and localization. It is based on the analysis of the information 
flow state change in the system. We suggest a structural and logical model to describe SCADA of any 
topology. It is possible to form diagnostic features of independent failure detection. They are based on the 
characteristic functions of three-valued logic. We determine the predicate system of knowledge 
representation to implement the method of SCADA diagnostics in the event of incomplete data. 

Keywords: predicate system of knowledge representation, structural and logical model, three-valued 
logic, independent failure. 


PosruaqaeTbcd 3aaua BHABJICHHA Ta JOKai3alli BiaMoB y SCADA ua ocHoBi aHasli3y 3M1HH cTaHy 
iHopMaliHux MOTOKIB y cucTemi. IIpononyeTbes CTpyKTypHO-JIOTi4Ha MOJeIb onUcy SCADA Oyyb-saKOi 
Tonouorii. Ha ocHoBi XapakTepHcTHYHUX PyHKUI Tpu3HayHOi JOriKH (OPMYIOTLCA WiarHOCTHYHI O3HaKH 
BHABJICHHA HE3aIeKHO! BIAMOBU. BusHayaeTbea UpequKaTHa CHCTeMa NOaHHA 3HAaHb AIA pealizalii MeTOAy 
JarHOcTHKH Mpate3sqaTHocti SCADA B yMoBax HelMoBHUX JaHux / HeOCTOBIPHUX aHHXx. 

Karoyosi copa: TpequkaTHa CHcTeMa MOJaHHA 3HaHb, CTPyKTypHO-JIOriqHa MOJeIb, TpH3HauHa 
JIOrika, He3ajiexKHa Bi{MOBa. 


Introduction 

Considering the application of expert systems to diagnose SCADA performance, it 
should be noted that the relevant task is the development of a reliable and fast decision 
Support system which significantly depends on the chosen method of knowledge 
representation [1-3]. 

All knowledge representation systems can be divided into the following main 
classes: declarative, procedural and special. Predicative systems refer to declarative 
knowledge representation systems. It is possible to distinguish procedures to find solutions 
(known as a generation mechanism) and procedures to optimize this search (management 
mechanism) for declarative knowledge representation systems. 

Declarative systems are characterized by the universality of knowledge 
representation. The control mechanism, which determines the semantics of the declarative 
system and heuristic efficiency to search the solution, reduces the universality of 
knowledge representation. Thus, there is a contradiction between universality and 
efficiency of knowledge representation for declarative systems [1-3]. 

Publication analysis regarding topic research 

We analyzed the latest research in the field of SCADA diagnostics using expert 
system methodology. It showed that today’s expert diagnostic systems are focused on 
Technological Control Object (TCO) diagnostics. At the same time, they do not diagnose 
the whole SCADA system. Vast, intensive flows of low-level diagnostic information 
generated by SCADA causes significant difficulties in its processing by operational 
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personnel. Therefore, there is a need to implement expert systems as decision support 
systems for SCADA diagnostics in real time. 

Problem statement 

The pressing problem is automatic high-level SCADA diagnostics based on the 
methodology of expert systems in real time. 

The aim of the research is to increase the quality of SCADA functioning by 
developing a method of automatic failure detection and localization in real time. It is based 
on the analysis of information flow change when passing through SCADA structural 
elements and hierarchy levels. To do this it is necessary to develop a knowledge 
representation system which can universally describe the following elements: SCADA 
structure of any topology; distribution of diagnostic features for independent failure 
detection through structural elements of different hierarchy levels; effective diagnosis 
search in real time. 

Main part 

Consider an example of a given fragment of SCADA structure (see Fig. 2 [4]. 
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Fig. 1. SCADA structural scheme 
The set of controlled parameters (CP TCO) at a point of time f is as follows: 


XO Ors Ont Ory): (1) 


Controlled parameters are measured by sensors and are transmitted to RTUs through 
data transmission channels (Ch1). These controlled parameters are then transmitted to 
servers through Ch2. 

We can apply the following non-decreasing sequences of natural numbers to describe the 
distribution of controlled parameters through structural elements of different hierarchy levels [5]. 

The sequence K, determines the distribution of controlled parameters through sensors 
and Ch1: 


x Hk, kK). k . (2) 


Km, 
The sequence /, determines the distribution of controlled parameters through RTUs 
and Ch2: 


Te =1,,19,. ous sb is. sugar (3) 
The sequence M; determines the distribution of sensors and Ch1 through RTUs and Ch2: 
M, =™M,My,...,M;,-..,My- (4) 
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We define certain predicates of connection between structural elements of different 
hierarchy levels using formulas (2) — (4). 

The predicate of connection between CP TCO x; and Sensory: 

A (i, 4) :=(is Kray )& (us my )) (a> D2 > Ki) &(i< K,)) 1s kK) 70, (5) 
where mj € Kx. 

The predicate of connection between CP TCO x; and RTU;: 

Ay, j)=(GSin  &(GSEN) MJ >VYMU>i,-.) &ESi;)): GSi;)):0, ©) 
where ij € Ix. 

The predicate of connection between Sensor; and RTU;: 

A3(i, j):=(Gi< my) & (FS N)) J >) Mi >m,_1)& G<m,)):G<m,)):0, 7) 
where mj € Mx. 

We developed a method of automatic failure detection and localization in SCADA. The 
input data in this method are diagnostic matrix D(t). The matrix is represented as a dump 
containing the diagnostic features of information flows. It is formed with the sample rate of 
data from sensors. The number of rows in this matrix corresponds to the number of SCADA 
hierarchy levels. The number of columns corresponds to the number of controlled parameters. 


Dt) = [dic] 

di jic(t) € E,, EF; = {0,1,2} 

iL =1(S,)+1-1, 1S1<(S,) 

1<iC <n(X) 
where iL — the index of the matrix row D(t) which corresponds to SCADA hierarchy levels 
l; iC — the index of the matrix column D(t) which corresponds to the index of the 
controlled parameter xic(t); 1(S1) — the hierarchy level of servers; n(X) — the number of 
controlled parameters. 

The controlled parameter can have one of three states at each SCADA hierarchy 
level: “Absent,” “Non-reliable,” “Reliable.” These states can be described by using Post’s 
three-valued logic. 

We apply the elementary function of three-valued logic ge. — the characteristic 
function of the first kind with value e to analyze diagnostic matrix D(?). 


1, x=e, e€E3, Ez ={0,1,2} 
Po(X) = : 

0, x#e, e€ Fy, EF, ={0,1,2} 
We define diagnostic features for failure detection as follows: 


a) A sufficient diagnostic feature of failure absence for the SCADA structural 
element (iL, iC) at a point of time fis: 


(8) 


(9) 


P> (dis ic(t)) =1 3 (10) 
b) A necessary but insufficient diagnostic feature of failure detection for the SCADA 
structural element (iL, iC) at a point of time f is: 

79(di, ic) =1; (11) 

c) A necessary but insufficient diagnostic feature of failure detection due to the 

absence of controlled parameters at a hierarchy level (this corresponds to backbone nodes) 

or due to absence of data transmission process (this corresponds to data transmission 
channels Ch1/Ch2) for the SCADA structural element (iL, iC) at a point of time f is: 
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Po (dinic O)) = 15 (12) 

d) A necessary but insufficient diagnostic feature of failure detection due to the 

unreliability of controlled parameters at a hierarchy level (this corresponds to backbone 

nodes) or due to the unreliability of data transmission (this corresponds to data 

transmission channels Ch1/Ch2) for the SCADA structural element (iL, iC) at a point of 

time f Is: 

PD (dinic(t)) =1. (13) 

Analyzing diagnostic matrix D(t) we can assert that no failures have been detected at 

a point of time f if the following expression is true for the first row (iL = 1) of diagnostic 
matrix D(t) which corresponds to the server’s hierarchy level /(S1): 


Perc) =) (14) 


In general, the function of failure detection based on the analysis of diagnostic matrix 
D(t) is as follows: 


B 
SoG, OP aU Old e@)))s (15) 


where iL — the index of the matrix row D(t) which corresponds to SCADA hierarchy levels 

I; a, 8 —the initial and final ordinal numbers of controlled parameters which pass through 

the system’s structural elements for the given hierarchy level /. 

Consider the predicate S(i,y,/) to form the criteria of diagnostic feature distribution 
through independent failures taking into account the characteristic attributes for each 
SCADA hierarchy level. This predicate determines the state y for the controlled parameter 
x; at the hierarchy level /: 

SG, yb) = (Cy = disysi-1i) (16) 

Then the diagnostic feature of failure detection can be described by the predicate 
S(i.y,D) as follows: 

a) S(i,2,1) 3b) —S(@,2,1); c) SG,0,1);d) SGD). 

It should be noted that both diagnostic features of failure detection ~g2(dizic(t)) and 
the function of failure detection in SCADA g2(iL,a,f,1) do not distinguish independent and 
secondary failures. We assume that all the failures are independent at the lowest level [min 
for the given controlled parameter when passing through SCADA hierarchy levels. Thus, 
all diagnostic features of failure detection refer to these features of independent failure 
detection at level 7 (I < Imin). We also assume that diagnostic features at hierarchy levels 
which correspond to data transmission channels Chl/Ch2 are diagnostic features of 
independent failures. 

Therefore, at this stage of diagnostic matrix D(t) analysis we can assert the following: 
— The absence of diagnostic features for failure detection at a certain SCADA hierarchy 

level is a sufficient condition that no failures have been detected at this hierarchy level; 

— The presence of diagnostic features at hierarchy level Jin is a sufficient condition that 
there are independent failures at hierarchy level min and all the diagnostic features of 
failure detection refer to independent failures; 

— The number of independent failures at a hierarchy level of sensors (dmin = 2) is equal to 
the number of diagnostic features for failure detection; 
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— In order to define the number of failures at a certain low hierarchy level (din > 2), the 
additional analysis of diagnostic matrix D(t) is necessary because various diagnostic 
features can refer to the same failure; 

— The presence of diagnostic features for failure detection at hierarchy level J (1 > Imin) 
for JEL; is a necessary but insufficient condition of having an independent failure 
from low hierarchy levels. It is necessary to have additional diagnostic criteria to 
consider it an independent or secondary failure; 

— The absence of diagnostic features for independent failure detection at hierarchy level / (/ 
> Imin) is a sufficient condition of having no independent failures at this hierarchy level; 

— To define the number of independent failures when having diagnostic features for 
independent failure detection at hierarchy level / (/ > Imin), it is necessary to conduct 
an additional analysis of diagnostic matrix D(t) because different diagnostic features 
can refer to the same failure. 

We define the lowest level of SCADA for failure detection Jmin in accordance with 

SCADA structure (see Fig. 1). 


min = (82CL ty .t))? 
((g2(2,Lin t))? 
((g2G.Liy.t))? (17) 
((g2(4.Liy.t))? 
((g2(5,Lin,t))?5:4):3):2):1):0. 
If iLmin = 0, then no failures have been detected at a point of time f. Otherwise, the 
lowest hierarchy level of failure detection in SCADA is as follows: 
Fain = tS) + LiL aes (18) 
Since for the considered structural and logical model of failure detection and 
localization we accept that all the diagnostic features for failure detection =@(dj7 ;c(t)) 


at the lowest hierarchy level /min refer to independent failures, then we can form a matrix of 
markers with independent failures a(f) for hierarchy level [min: 


Aitpinic £) = 792 (dinicM)- (19) 


If [min < 1(S1), then it is necessary to define other SCADA hierarchy levels Imin< 1 < 
1(Si). For these hierarchy levels we can detect independent failures when analyzing current 
diagnostic matrix D(t). It is possible to take into account permissible changes of the 
controlled parameter state when passing up through SCADA hierarchy levels. 

Consider the algorithm of independent failure detection in the event of SCADA low 
level for failure detection belonging to backbone nodes. 

For row iL of diagnostic matrix D(d) the number of diagnostic features (diz ic (1) and 


the number of diagnostic features g (diz ic(t)) can be defined using the following formulas: 


in 
ny, GLsLiy st) = D9(ditic)> (20) 
iC=1 
. . in 
Ng, CL l,iny ,t) = ia diric®)- (21) 
iC=1 


The total number of diagnostic features for failure detection =@(djz jc(t)) for row 
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iL of diagnostic matrix D(Z) is as follows: 
ns, (iL, Lin .t) = Ng, CL, Liy .t) + Ng, (iL, Lin .t)- (22) 
According to the logic of SCADA functioning, at the system’s upper hierarchy levels 
Imin< ln+1 which refer to backbone nodes, a necessary but insufficient criterion of having 


independent failures 7 is an increase in the number of diagnostic features for failure 
detection compared to the system’s lower hierarchy level Imin< Tn. 


L, =bin t2xAS1(S)), 4=1,2,... 
ES eh 4823) 
NA, (iL, Lin .t) = Ng, (iL), lin .t) + Ng (iL, Lin .t) 

If at the system’s upper hierarchy level /;11, the number of diagnostic features for 
failure detection increases compared to the system’s lower hierarchy level /;, we can make 
a conclusion that the necessary condition of having independent failures was fulfilled at 
SCADA hierarchy level /p+1. 

Lys) = (My Liga Le ty ot) — My GL, iy tf) > 0) v (n, GL, .Liy.t) —1,GL, Liv.) >0). (A) 

If7(iLp4,4)=1, then we can calculate the number of diagnostic features of 
independent failure detection at SCADA hierarchy level Jn41€L1. 

The function of distinction between independent and secondary failures when 
controlled parameters pass through SCADA hierarchy levels taking into account the result 
of transmitting and receiving data process between adjacent hierarchy levels is as follows: 

S4(%, y,Z) = (2Qxyz 2x7 yz Qxy7z xyz xy? 2x7 yz x7 yz" xy??? 2x7 y2z7) (mod3), (25) 
where x — the controlled parameter state at a transmitting hierarchy level, y — the result of 
transmitting and receiving data process between adjacent hierarchy levels; z — the 
controlled parameter state at a receiving hierarchy level; f4(x, y,z)=1 — a necessary but 
insufficient condition of having diagnostic features for independent failure detection; 
S4(% y,z)=0 — a sufficient condition of absence of diagnostic features for independent 


failure detection. 
We can define the number of diagnostic features for independent failure detection at 
hierarchy level [pin <ly41 </(S1) on the basis of formula 24: 


IN 
ny, GL Lin t= Y fa ditwzicO,dirsricO.diricO)- (26) 
iC=1 
If n fa (iL,l,iy,t) =0, then this criterion is a sufficient condition that no failures have 
been detected at a current hierarchy level. 
If n va (iL,l,iy,t)>O, then this criterion is a sufficient condition of having 


independent failures. 
We can form a row marker matrix of independent failures a(¢) for a current hierarchy level: 


Aric ©) = fa Gits2ic > ditsricO: dinic®)- (27) 
Accordingly, predicate M(i,/) of having independent failure markers for controlled 
parameter x; at hierarchy level / is as follows: 


M(i,1) = Acsiy41-Li . (28) 


We can define certain predicates of diagnostic feature distribution through SCADA 
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structural elements taking into account the characteristic attributes for each hierarchy level. 
The predicate of existence of at least one controlled parameter x; at hierarchy level / which 
has a diagnostic feature for independent failure detection is as follows: 


FiPh i, 1) := ci(M Gi, 1) & AS(G,2,1)). (29) 


The predicate of existence of at least one controlled parameter x; at hierarchy level / 
which has a diagnostic feature for independent failure detection with value y is as follows: 


FIA, G, y.l) := di(M (1) & SG, y,1)). (30) 


The predicate of existence of at least two different controlled parameters x; and x; at 
hierarchy level / which have a diagnostic feature for independent failure detection is as follows: 


SiFjPy(Gi, j,D) = AiG # j)& RD & Pid). (31) 
The predicate of existence of at least two controlled parameters x; and x; at hierarchy 

level / which have different diagnostic features for failure detection is as follows: 
FiFjP3(i, J.D = Fi # )) KMD &M (GD) & (SEO) & SGLD) v (SGLD & S(j,0,D))) . (32) 
Thus, for the structural and logical model we consider, the number of independent 
failures ne(J=2V1=3) for controlled parameters with timestamp ¢ at hierarchy level 


=~ 


Sensors/Ch1 can be defined as follows: 

— We verify whether there are at least two different controlled parameters x; and x; which 
have diagnostic features of independent failure detection at hierarchy level Sensors/Ch1. 
Then we verify there are no Sensors/Ch1 for which we have at least two controlled 
parameters x; and x; having different diagnostic features for independent failure 
detection. This means that the number of independent failures at a current hierarchy 
level is equal to the number of hierarchy modules for which we have at least one 
diagnostic feature of independent failure detection; 

— We verify whether there is at least one Sensors/Ch1 at hierarchy level Sensors/Ch1 for 
which there are at least two controlled parameters x; and x; having different diagnostic 
features for independent failure detection. This means that the number of independent 
failures at a current hierarchy level is calculated by the number of different diagnostic 
features for independent failure detection per structural module. 

The number of independent failures for the levels of SCADA hierarchy is determined 
in analogy to hierarchy level Sensors/Chl. The foregoing is achieved by taking into 
account the connection between various hierarchy levels. 

Conclusions 

The system of predicates we considered can be applied when forming a knowledge 
base of an expert diagnostic system. It allows us to implement a method for SCADA 
failure diagnostics. It takes into account the consistencies of information flow changes in 
real time in the event of incomplete / unreliable / absent data in the system’s structural 
elements. This method of independent failure detection and localization ensures the 
reliability of SCADA operational monitoring. 
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PE3IOME 


M. Auexcees, I. YqoBuK, O. Cupotkina 

3acTOcyBaHHA JOTIKH NpequKaTIB 11d BUABJICHHA BiaMoB y SCADA cucTremax 

Y anit cTaTTi po3ruiaqacTheA 3ajada BUABJICHHA Ta JOKai3allli BiaMoB y SCADA B 
P@KUMI peasIbHOrO acy Ha OCHOBI aHasli3y 3MiHW CTaHy iH(opMalliitHux MOTOKIB CHCTeMH 
y lpoueci ix MmpoxospKeHHA 3a CTPYKTYPHUMH eJICEMeHTaMH Ta piBHAMH iepapxii. BemuKnit 
oOcar Ta iHTeHCHBHUM MOTIK HU3bKOpiBHeBO! AlarHOcTHYHOi inopMallii, Wo renepyeTEca 
SCADA, Bumarae po3poOKH yHiBepcaibHoi Ta edbeKTHBHOI CHCTeMH TOJaHHA 3HaHb 
CTOCOBHO J{O eKCIIepTHOi iarHOCcTHYHOI CHCTeMM TiATPHMKH MIpPHHATTA PpillleHb. 
PosrmagqaeTbca po3poOsieHa WpeyquKaTHa CHCTeMa TlOJjaHHA 3HaHb, WepeBaraMu AKOI € 
IIpoctota peasi3zaliil Ta yHiBepCasIbHICTb OMMcy 3afa4i. 

IIpononyeracea CTpyKTYpHO-Ori4qHa MOJeb Wa omMcy SCADA cuctemu Oyqb-AKOi 
Tonosorii. B pamKax jaHoi MOjesIl BU3HAYaIOTBCA TpeWKaTH HasBHOCTI 3B'A3KY MDK 
CTPyKTYPHUMH eJIeMeHTaMH CHCTeMH pi3HHX piBHIB iepapxii. 

Ha ocHosi xapakTepucTH4HHX (yHKWili Tpu3HadHoi Jorikn PopMyroTbeA HeOOXx1 ZHI 
Ta JOCTaTH! jiarHOCTHYHI O3HaKH BUABJICHHA / BiJCYTHOCTi BIMOBH Yy CHCTeMi, 
PpO3MexKyBaHHA He3aslexKHUX 1 BTOPHHHHX BiJIMOB. 

Bu3HauaeTbca peyqukKaTHa CHCTeMa TOJaHHA 3HaHb JIA peasi3zalii MeToay 
JMarHOCTHKH patle3sqaTHocTi SCADA B yMoBax HelOBHHX aHHx / HeOCTOBIPHHX aHux. 
Eq@exkTuBHnit asIropuTM MOWyKy pillieHHA Ha OCHOBI 3alIpOMOHOBAaHO! CHCTeMH IIpequKaTIB 
JO3BOJIAE IPOBOAMTH OlepaTHBHHM KOHTPOsIb CTaHy CTPyKTYPHUX esIeMeHTIB SCADA. 
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